Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
File:                     Mnib05LhxcabdCDMA2gDrxJYzvk.mft (raw, json)
Hash identifier:          PzbybHi3UetD1B/9+oWZzytmhaZI7NZpj5Db1aDMfu0=
Subject key identifier:   61:D4:BC:C0:71:53:AD:90:75:8D:47:32:D9:ED:6E:C7:DD:8B:6A:39
Authority key identifier: 32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9
Certificate issuer:       /CN=32789bd392e1c5c69b7420cc036803af1258cef9
Certificate serial:       019DA4F83FA34C650957E35A8A37464B723B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
Manifest number:          0A19
Signing time:             Sun 19 Apr 2026 09:00:25 +0000
Manifest this update:     Sun 19 Apr 2026 09:00:25 +0000
Manifest next update:     Mon 20 Apr 2026 09:00:25 +0000
Files and hashes:         1: Mnib05LhxcabdCDMA2gDrxJYzvk.crl (hash: ejyJbIjs/MWRRnFMuQ29eL0tiQ2WwQZzXcQRMXaKl/0=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Apr 2026 04:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:a4:f8:3f:a3:4c:65:09:57:e3:5a:8a:37:46:4b:72:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32789bd392e1c5c69b7420cc036803af1258cef9
        Validity
            Not Before: Apr 19 09:00:25 2026 GMT
            Not After : Apr 20 09:00:25 2026 GMT
        Subject: CN=61d4bcc07153ad90758d4732d9ed6ec7dd8b6a39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:ba:40:12:4c:c0:e8:5d:24:e0:50:db:37:f3:
                    1a:c4:04:0e:b3:8a:66:45:a5:93:fa:8c:91:da:85:
                    09:c2:f0:c4:ca:35:53:a3:b8:25:79:00:74:a6:a8:
                    6d:e1:3f:7c:04:5d:12:fb:50:f8:14:e2:b9:b6:df:
                    c7:13:2c:18:c3:bf:e6:c2:dd:63:0e:54:ec:61:25:
                    4d:4b:e2:3b:5f:33:d2:c6:24:2f:14:f7:d9:b8:92:
                    5c:d5:cf:ae:bf:a7:56:46:e6:e5:21:1d:b8:f5:9a:
                    c2:21:75:b8:a9:40:34:7b:9f:ac:81:e1:27:d9:11:
                    59:17:1c:fd:34:3e:45:e0:0d:36:aa:66:65:a6:b3:
                    c7:ca:48:c3:d0:5e:18:31:72:e5:56:6e:3a:33:b3:
                    95:18:56:09:cf:d9:27:f9:14:98:74:8f:cc:f1:23:
                    dd:04:05:18:00:49:7b:4f:1a:bb:94:22:74:e9:6e:
                    bd:60:ab:c8:13:33:fd:d8:60:7a:7e:0e:1a:79:f1:
                    22:cc:2c:d5:79:16:0a:17:3b:2f:b1:eb:3e:bb:bb:
                    d5:d9:c1:e8:d2:a3:6c:b7:7f:5b:4b:ae:d5:1c:07:
                    c9:f3:60:35:8f:af:7a:19:8a:ab:32:8b:2a:2d:1d:
                    db:31:14:7b:ec:24:3c:fb:9a:a1:8f:3f:6e:45:03:
                    07:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:D4:BC:C0:71:53:AD:90:75:8D:47:32:D9:ED:6E:C7:DD:8B:6A:39
            X509v3 Authority Key Identifier:
                keyid:32:78:9B:D3:92:E1:C5:C6:9B:74:20:CC:03:68:03:AF:12:58:CE:F9

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mnib05LhxcabdCDMA2gDrxJYzvk.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/44/1c17d6-3fd4-4ba1-be4c-3866d4412893/1/Mnib05LhxcabdCDMA2gDrxJYzvk.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         33:87:9a:00:b5:25:29:02:b7:1c:cf:43:b9:9b:e5:57:89:c6:
         99:b9:b7:b4:52:ff:7d:08:a7:b5:65:2e:b8:32:20:ad:2a:42:
         3a:a8:2b:98:38:ed:58:83:0a:cb:ce:36:aa:c2:09:a2:3e:ac:
         f7:3f:aa:53:e4:d6:8f:00:f1:9b:e0:71:7e:72:02:e5:56:fa:
         e0:1e:fa:81:c4:ae:95:63:78:4c:9f:5e:4e:87:ea:ab:a7:27:
         3a:c1:31:7f:46:8a:15:d5:19:99:bd:42:d2:4e:ef:c4:91:5b:
         e1:15:15:c8:25:17:61:1b:56:97:47:2e:31:4b:32:ae:d3:3e:
         bd:b6:0d:90:b4:8c:04:dc:9b:8a:7e:00:96:d9:cd:29:86:93:
         58:18:2f:cb:ac:a6:20:c5:d0:0d:fc:cb:ad:cf:18:e3:2a:4d:
         37:43:cb:56:4e:bb:1a:95:ed:29:56:ec:64:f0:57:94:f1:8a:
         db:fe:d7:5f:5d:8e:cc:9e:43:3c:1e:d5:db:2e:c5:b1:3a:26:
         12:ae:07:7b:73:74:a1:03:e2:de:c0:cc:e0:11:04:e7:0d:9e:
         9a:82:4c:d4:de:a6:b2:cc:b3:ff:37:96:92:72:e4:e7:10:b3:
         38:bd:42:4a:e5:56:b5:4c:31:c3:c0:7a:0b:ba:c5:94:f3:9e:
         15:85:e6:db
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2k+D+jTGUJV+NaijdGS3I7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNzg5YmQzOTJlMWM1YzY5Yjc0MjBjYzAzNjgwM2FmMTI1
OGNlZjkwHhcNMjYwNDE5MDkwMDI1WhcNMjYwNDIwMDkwMDI1WjAzMTEwLwYDVQQD
Eyg2MWQ0YmNjMDcxNTNhZDkwNzU4ZDQ3MzJkOWVkNmVjN2RkOGI2YTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbpAEkzA6F0k4FDbN/MaxAQOs4pm
RaWT+oyR2oUJwvDEyjVTo7gleQB0pqht4T98BF0S+1D4FOK5tt/HEywYw7/mwt1j
DlTsYSVNS+I7XzPSxiQvFPfZuJJc1c+uv6dWRublIR249ZrCIXW4qUA0e5+sgeEn
2RFZFxz9ND5F4A02qmZlprPHykjD0F4YMXLlVm46M7OVGFYJz9kn+RSYdI/M8SPd
BAUYAEl7Txq7lCJ06W69YKvIEzP92GB6fg4aefEizCzVeRYKFzsvses+u7vV2cHo
0qNst39bS67VHAfJ82A1j696GYqrMosqLR3bMRR77CQ8+5qhjz9uRQMHxQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGHUvMBxU62QdY1HMtntbsfdi2o5MB8GA1UdIwQY
MBaAFDJ4m9OS4cXGm3QgzANoA68SWM75MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMt
Mzg2NmQ0NDEyODkzLzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8xYzE3ZDYtM2ZkNC00YmExLWJlNGMtMzg2NmQ0NDEyODkz
LzEvTW5pYjA1TGh4Y2FiZENETUEyZ0RyeEpZenZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAM4eaALUl
KQK3HM9DuZvlV4nGmbm3tFL/fQintWUuuDIgrSpCOqgrmDjtWIMKy842qsIJoj6s
9z+qU+TWjwDxm+BxfnIC5Vb64B76gcSulWN4TJ9eTofqq6cnOsExf0aKFdUZmb1C
0k7vxJFb4RUVyCUXYRtWl0cuMUsyrtM+vbYNkLSMBNybin4AltnNKYaTWBgvy6ym
IMXQDfzLrc8Y4ypNN0PLVk67GpXtKVbsZPBXlPGK2/7XX12OzJ5DPB7V2y7FsTom
Eq4He3N0oQPi3sDM4BEE5w2emoJM1N6mssyz/zeWknLk5xCzOL1CSuVWtUwxw8B6
C7rFlPOeFYXm2w==
-----END CERTIFICATE-----